Your security status, clear and unvarnished.

Blue Team

50% of Swiss SMEs conduct no security audits. We assess your IT security against nDSG, ISG, NIS2 and the ICT minimum standard and deliver an action plan that actually gets implemented in your organisation.

Why an Audit Matters Now

Regulatory pressure on Swiss companies has intensified rapidly. The nDSG has been in effect since September 2023, the ISG reporting obligation for critical infrastructure since April 2025, and NIS2 affects Swiss SMEs through the EU supply chain, regardless of their own location. Without documentation, you risk not only fines but losing ground against clients, partners and insurers.

In practice, this means: configurations nobody has reviewed in years. Access rights that have accumulated. Compliance gaps that only surface after an incident.

An audit creates clarity. Not as a one-off document for the drawer, but as a prioritised foundation for concrete measures. We deliver both: the analysis and the plan.

Our Approach

Phase 01

Scoping

Together we define audit scope, compliance requirements and risk priorities. Based on your business processes, not a generic checklist template.

Phase 02

Technical Assessment

Infrastructure review per NIST SP 800-115 and CISA AD Compromise Detection. Network configurations, access controls, patch status, cloud settings. Every finding manually verified.

Phase 03

Compliance Gap Analysis

Comparison of your current state against the requirements of nDSG, the ISG reporting obligation, NIS2 and the ICT minimum standard. Concrete identification of gaps and their impact.

Phase 04

Report & Action Plan

Technical report with reproduction steps, an action plan prioritised by effort and impact, and a board-ready risk summary.

Phase 05

90-Day Retest

Fix the findings, and we verify that the fixes hold. The retest is included in the engagement price.

What You Receive

Technical Audit Report

Complete documentation of all findings with severity, reproduction steps and remediation recommendations.

Compliance Mapping

Comparison against nDSG, ISG, NIS2 and the ICT minimum standard. Clear statement on gaps and their regulatory relevance.

Prioritised Action Plan

Measures sorted by effort and impact, with concrete steps for your IT team or service provider.

Board Summary

Two to three pages for management: risk posture, compliance status and recommendations without technical jargon.

90-Day Retest

Verification of implemented measures. We confirm in writing what's fixed, what remains open and why.

Common Questions

What exactly is audited?

That depends on the agreed scope. A standard audit covers network and infrastructure review, access controls, patch management, cloud configurations and compliance posture against nDSG, ISG, NIS2 and the ICT minimum standard. If needed, we extend the scope to third parties, applications or physical security.

How long does an audit take?

A standard audit for an SME with 50 to 250 employees typically takes two to five working days for the assessment, plus one week for report writing. The 90-day retest follows your own implementation schedule.

Which compliance frameworks does the audit cover?

By default, we assess against nDSG (Swiss Data Protection Act), ISG reporting obligation, NIS2 as relevant through the EU supply chain, and the federal ICT minimum standard. On request, we add ISO 27001, SOC 2 or industry-specific requirements.

What happens after the retest if findings are still open?

We document remaining findings in the retest report with justification and risk assessment. You receive a clear basis for internal prioritisation decisions or discussions with insurers and auditors.

Request an Audit

We clarify scope and requirements in a free initial consultation. No form overhead, directly with the security engineer.

CHF 5,000–15,000

Price depends on scope and regulatory environment. Includes report, action plan and 90-day retest.